AI is a buzzword that gets thrown around a lot in cybersecurity — often, it seems, to obscure and impress, rather than to clarify how products and services work. This is unfortunate, because beyond the hype, artificial intelligence's role in cybersecurity is becoming increasingly indispensable. While AI won't solve all problems, it provides a growing toolbox for accelerating security workflows and better detecting threats. In fact, there are several ways in which AI is already revolutionizing cybersecurity.
Pattern Matching and Threat Detection Until the past half decade or so, most cyber-threat detection was performed using small, handwritten pattern-matching programs (called signatures, rules, or indicators of compromise). The widespread adoption of AI has changed this. Now, security vendors are on a long march to augment signature-based detection technology with AI in every context for making detections: detecting phishing emails, malicious mobile apps, malicious command executions, and the like.
AI won't replace signatures, nor should it, because these technologies complement each other. Whereas signatures are good at detecting known threat artifacts, AI algorithms — trained on vast threat databases that cybersecurity companies have accumulated over the years, are better at detecting previously unseen artifacts. Whereas signatures can be written and deployed quickly, AI technologies take a lot longer to train and deploy. And while signature authors can control precisely what threats their signatures will and won't detect, AI is fundamentally probabilistic and harder to control.
Continue reading: https://www.darkreading.com/attacks-breaches/beyond-the-hype-ai-s-future-in-defensive-cybersecurity
Pattern Matching and Threat Detection Until the past half decade or so, most cyber-threat detection was performed using small, handwritten pattern-matching programs (called signatures, rules, or indicators of compromise). The widespread adoption of AI has changed this. Now, security vendors are on a long march to augment signature-based detection technology with AI in every context for making detections: detecting phishing emails, malicious mobile apps, malicious command executions, and the like.
AI won't replace signatures, nor should it, because these technologies complement each other. Whereas signatures are good at detecting known threat artifacts, AI algorithms — trained on vast threat databases that cybersecurity companies have accumulated over the years, are better at detecting previously unseen artifacts. Whereas signatures can be written and deployed quickly, AI technologies take a lot longer to train and deploy. And while signature authors can control precisely what threats their signatures will and won't detect, AI is fundamentally probabilistic and harder to control.
Continue reading: https://www.darkreading.com/attacks-breaches/beyond-the-hype-ai-s-future-in-defensive-cybersecurity
